SDF’s ability to repel cyber-attacks must be strengthened without delay

Protecting critical infrastructure from cyber-attacks is a new security challenge. The response capability of the Self-Defense Forces must be improved drastically.

As part of this effort, the SDF officially participated in a large-scale exercise hosted by the Cooperative Cyber Defense Center of Excellence, a body accredited by the North Atlantic Treaty Organization, for the first time.

The exercise simulated successive cyber-attacks on operational systems in areas such as electricity, water, air defense and satellites. A team of 27 members mainly from the SDF and private operators of critical infrastructure took part in the “live-fire” training exercise.

It is crucial to deepen cooperation between the SDF and these private entities by taking advantage of such opportunities.

There have been many cases in which sensitive information and crypto-assets have been stolen through cyber-attacks even in peacetime. In the event of an emergency, it can be anticipated that attacks will be carried out on infrastructure, such as railways and electricity, and internal military systems.

It has been said that wars of the future will begin in cyberspace. When it invaded Ukraine, Russia is said to have inflicted extensive damage by cyber-attacks on electric power substations and military systems.

In Japan, business operators and the National Center of Incident Readiness and Strategy for Cybersecurity, which is overseen by the Cabinet, are tasked with protecting infrastructure and other critical systems in the event of a cyber-attack.

However, cyber-attacks are not limited to national emergencies involving armed attacks, as perpetrators are constantly gaining unauthorized access to various systems. Isn’t it necessary to make effective use of the SDF cyber unit?

In the United States, intelligence agencies and the military are engaged in protecting critical infrastructure systems. Under a so-called forward defense strategy, the United States monitors systems in other countries even during peacetime to be ready to strike back immediately if it comes under attack.

Japan has also stated a policy to acquire “the capability to disrupt” cyber-attacks in times of emergency in the National Defense Program Guidelines. This is intended to allow the SDF to counterattack in cyberspace.

If the SDF attempts to respond to such emergencies with an exclusively defensive defense policy, it is highly likely to be caught on the back foot. Serious discussions should be conducted in the Diet as to what kind of situations the SDF should be allowed to engage in, and to what extent.

Reinforcing the SDF cyber defense unit, which currently has 290 members, is an urgent task.

Earlier this month, the Defense Ministry established a senior-level post tasked with providing advice on cybersecurity based on expertise, and solicited applicants from the private sector. The ministry is aiming to secure talented human resources to fill the post by offering annual pay of up to ¥20 million and allowing the person to hold another job.

It is hoped that a sufficient cyber defense system will be developed by utilizing the strength of the private sector without being bound by conventional ideas.

— The original Japanese article appeared in The Yomiuri Shimbun on April 30, 2021.